Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
File:                     QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft (raw, json)
Hash identifier:          FVMPYu8v8dtU1KUZC03L6anrliUwK1NTQb6umXlSDAU=
Subject key identifier:   04:C2:9E:40:FD:63:AF:C0:94:D1:CE:BF:EF:B5:2C:3A:DD:1F:1C:D9
Authority key identifier: 43:1C:57:E1:92:1D:31:A3:4A:EB:D1:2E:50:7A:13:6F:E0:45:98:C6
Certificate issuer:       /CN=431c57e1921d31a34aebd12e507a136fe04598c6
Certificate serial:       01977A1D301A945DBE37A82EAAC8D207C4F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
Manifest number:          0352
Signing time:             Mon 16 Jun 2025 19:00:22 +0000
Manifest this update:     Mon 16 Jun 2025 19:00:22 +0000
Manifest next update:     Tue 17 Jun 2025 19:00:22 +0000
Files and hashes:         1: QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl (hash: U+hMk84Ogxpih95XngdfWhDUGp+y+z888Y0SBY2Jz+k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 14:25:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:7a:1d:30:1a:94:5d:be:37:a8:2e:aa:c8:d2:07:c4:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=431c57e1921d31a34aebd12e507a136fe04598c6
        Validity
            Not Before: Jun 16 19:00:22 2025 GMT
            Not After : Jun 17 19:00:22 2025 GMT
        Subject: CN=04c29e40fd63afc094d1cebfefb52c3add1f1cd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:1b:f0:e9:6a:3c:1d:8e:47:95:e3:37:3c:63:
                    20:39:e5:ac:db:70:08:f3:f0:f1:86:b3:b0:98:7a:
                    74:9a:52:75:d0:ca:fd:df:ba:c0:0f:24:72:5d:f6:
                    33:33:c6:6b:92:e7:2b:dd:de:01:b3:52:12:8c:1a:
                    18:2c:da:2e:a0:28:79:2c:46:4d:58:2c:ad:1f:46:
                    af:54:f4:9a:dc:fe:30:67:e1:34:4f:32:a3:aa:b6:
                    80:cc:f9:d5:e8:8c:c8:76:f0:27:66:41:3b:62:22:
                    95:bd:6a:c9:67:ab:a4:06:cb:8e:df:3c:b2:a0:84:
                    cc:30:32:ea:28:e6:0e:1b:7a:f1:a2:83:41:04:96:
                    5f:54:52:6f:ca:fd:61:04:ca:8a:7a:3b:7f:16:93:
                    2c:51:3f:e6:1c:a1:2e:7d:40:b5:63:b4:6b:24:f3:
                    e2:a9:c6:28:a8:18:70:15:b3:44:cd:a5:1c:38:d8:
                    81:46:ab:f4:83:c9:ac:97:5b:fc:c3:0e:d4:de:7c:
                    be:73:09:23:57:e0:5d:ca:aa:1b:1e:e4:ce:51:83:
                    e5:34:79:57:34:02:d7:c7:90:e8:b9:5f:93:41:0c:
                    bd:e2:d5:47:87:13:f5:77:30:7d:6e:d5:00:02:08:
                    56:43:86:1e:6e:05:92:c5:50:17:b8:d0:67:e4:6b:
                    a6:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:C2:9E:40:FD:63:AF:C0:94:D1:CE:BF:EF:B5:2C:3A:DD:1F:1C:D9
            X509v3 Authority Key Identifier:
                keyid:43:1C:57:E1:92:1D:31:A3:4A:EB:D1:2E:50:7A:13:6F:E0:45:98:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:6b:1f:4d:c1:45:c7:58:84:4d:a2:c3:e7:76:0e:dc:a4:ce:
         3c:b0:39:0a:aa:6c:73:bc:be:be:da:63:3d:35:d1:5a:56:cc:
         b3:12:f5:54:aa:42:b5:e3:8a:a4:06:ef:9f:b9:72:be:e9:9e:
         1d:e2:44:9c:f3:5f:12:e4:2c:1c:a7:e4:d2:b2:4b:b0:08:1e:
         e5:33:cf:b0:c1:eb:3c:78:5f:9f:85:9f:7b:7a:b9:84:18:eb:
         d1:a1:15:f0:8a:72:f5:3d:ef:6b:c0:d4:c9:aa:36:61:20:8a:
         73:f9:91:54:d7:9b:64:0e:8e:ac:e6:39:8c:6e:54:e0:76:36:
         15:0b:72:3f:0a:0c:86:a7:33:76:54:27:6b:d9:fd:a6:17:ad:
         e1:12:19:e3:b7:d0:c3:82:20:60:c7:a6:eb:c7:cc:32:32:65:
         18:1c:3e:aa:72:0e:6b:d1:ab:8a:20:2b:5f:d9:84:36:77:db:
         c4:81:38:7d:d1:b2:95:00:d8:1c:79:fc:84:6b:c2:de:d2:55:
         56:24:d1:a1:86:21:5c:59:d7:77:5e:eb:f9:b8:8b:dc:9a:bd:
         8f:f8:2c:86:78:71:e8:11:ec:ea:7c:b1:56:5b:59:ff:49:ea:
         57:24:cb:a4:21:72:5d:32:a6:c2:71:2a:36:d7:1f:d3:75:c8:
         5b:c7:82:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd6HTAalF2+N6guqsjSB8T5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMWM1N2UxOTIxZDMxYTM0YWViZDEyZTUwN2ExMzZmZTA0
NTk4YzYwHhcNMjUwNjE2MTkwMDIyWhcNMjUwNjE3MTkwMDIyWjAzMTEwLwYDVQQD
EygwNGMyOWU0MGZkNjNhZmMwOTRkMWNlYmZlZmI1MmMzYWRkMWYxY2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRvw6Wo8HY5HleM3PGMgOeWs23AI
8/DxhrOwmHp0mlJ10Mr937rADyRyXfYzM8Zrkucr3d4Bs1ISjBoYLNouoCh5LEZN
WCytH0avVPSa3P4wZ+E0TzKjqraAzPnV6IzIdvAnZkE7YiKVvWrJZ6ukBsuO3zyy
oITMMDLqKOYOG3rxooNBBJZfVFJvyv1hBMqKejt/FpMsUT/mHKEufUC1Y7RrJPPi
qcYoqBhwFbNEzaUcONiBRqv0g8msl1v8ww7U3ny+cwkjV+BdyqobHuTOUYPlNHlX
NALXx5DouV+TQQy94tVHhxP1dzB9btUAAghWQ4YebgWSxVAXuNBn5GumRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFATCnkD9Y6/AlNHOv++1LDrdHxzZMB8GA1UdIwQY
MBaAFEMcV+GSHTGjSuvRLlB6E2/gRZjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wZjFhYWYtYjE3My00Y2UxLWJjYmEt
Y2MzNTNlYmFjYmE2LzEvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wZjFhYWYtYjE3My00Y2UxLWJjYmEtY2MzNTNlYmFjYmE2
LzEvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnGsfTcFF
x1iETaLD53YO3KTOPLA5Cqpsc7y+vtpjPTXRWlbMsxL1VKpCteOKpAbvn7lyvume
HeJEnPNfEuQsHKfk0rJLsAge5TPPsMHrPHhfn4Wfe3q5hBjr0aEV8Ipy9T3va8DU
yao2YSCKc/mRVNebZA6OrOY5jG5U4HY2FQtyPwoMhqczdlQna9n9phet4RIZ47fQ
w4IgYMem68fMMjJlGBw+qnIOa9GriiArX9mENnfbxIE4fdGylQDYHHn8hGvC3tJV
ViTRoYYhXFnXd17r+biL3Jq9j/gshnhx6BHs6nyxVltZ/0nqVyTLpCFyXTKmwnEq
Ntcf03XIW8eCpA==
-----END CERTIFICATE-----